The Top Security Threats at the Edge, and How to Mitigate Them

Edge computing is one of the most important results to emerge from the rapid acceleration of digital transformation triggered by the COVID-19 response. Driven by the need to connect people and devices wherever they are, edge computing is growing. Leveraging cloud computing and breakthroughs in networking, edge computing, like all emerging trends, is causing growing pains for IT leaders. One area in particular that’s getting a lot of attention is edge security.

IDG’s State of the Network survey for 2020 showed 61% of organizations are either actively researching edge computing tools or have them in production. As edge deployments proliferate, securing edge devices and networks is emerging as a top priority.

Defining the Edge

IDG’s Eric Knorr describes the edge like this:

“Primarily, edge computing is applied to low-latency situations where compute power must be close to the action, whether that activity is industrial IoT robots flinging widgets or sensors continuously taking the temperature of vaccines in production. The research firm Frost & Sullivan predicts that by 2022, 90% of industrial enterprises will employ edge computing.”

The number one reason organizations are moving to the edge, according to IDG’s State of the Network survey: speed. They’re looking for reduced network latency, meaning less delay in data communications over the network. Nearly half of respondents (47%) say edge computing also can reduce operational expenses, because it reduces the need for costly bandwidth to connect locations and helps reduce data redundancy; the hope is reduced latency will also decrease cost.

IDC predicts that by 2025 there will be 55.7 billion connected devices worldwide, 75% of which will be connected to an IoT platform. That’s a lot of devices, and from a security standpoint, a lot of attack vectors.

Vulnerabilities at the edge

“The main difference between edge security and non-edge security is around scale and distribution,” says Arpit Joshipura, general manager of networking, IoT and Edge for The Linux Foundation, in CSOonline.com. “The number of applications, devices and connections that edge compute will drive require a scale that is 10 to 100 times today’s deployments,” he says.

That scale and exposure opens a Pandora’s Box of threats, writes Jaikumar Vijayan in CSOonline.

“The biggest concerns include an expanded attack surface and greater exposure to threats like distributed denial of service (DDoS) campaigns, data theft and leaks, third-party vulnerabilities, and intrusions into the enterprise network,” he writes.

Because of that sheer scale, the stakes are even higher, says Scott Crawford, an analyst with 451 Research. “With edge computing, basic security mistakes like deploying systems with default passwords, or without multi-factor authentication, can have big consequences,” he told CSOonline.

A comprehensive, integrated approach to like that offered by Lumen offers a strong foundation for an edge security strategy.

“You should expect things that sound like networking and SD-WAN and security to come integrated as a single commercial offer and a single operating model in the single pane of glass,” says Chris Smith, Vice President of Platform Application Solutions with Lumen Technologies. “And you should look for providers that can bring that all together for you and to make it simple.”

With 3.5 million miles of ultra-low loss fiber connectivity in North America, Lumen has the scale requirement covered. Lumen’s connected security platform engages adaptive networking, edge cloud architecture, and collaboration functions.  Lumen’s framework checks three key boxes identified by Frost and Sullivan:

• Distributed Denial of Service (DDoS) mitigation
• Web application firewall
• Bot risk management

New Security Frameworks Emerge

As with any new model or trend in IT, Edge security is spawning new strategies and tactics to help organizations level the playing field.

“The adoption of edge computing and cloud infrastructure over the past decade combined with the recent surge in remote work, have seriously challenged traditional network architectures and security models,” says Lucian Constantin., senior writer at IDG’s CSOonline.com.

Two of the most significant frameworks are Zero Trust and Secure Access Service Edge (SASE).

Implementing Zero Trust

As its name implies, Zero Trust is “a security concept centered on the belief that organizations should not automatically trust anything inside or outside its perimeters and instead must verify anything and everything trying to connect to its systems before granting access,” according to CSOonline.

Various security technologies work in concert to implement a Zero Trust approach. It requires the ability to authenticate each user and device, and to ensure the device itself is properly secured. It also involves policy-based access to applications and other resources that consider a user’s location and mode of access. A CFO, for example, may be able to access corporate financial applications while in the office or on a VPN from home, but not when using Wi-Fi at a coffee shop.

The approach makes use of technologies including multifactor authentication, identity and access management, orchestration, analytics, encryption, and more. It also adheres to the principal of “least access,” meaning giving users only the level of access required to accomplish a given task.

Zero Trust is a natural for edge locations, says Dave McCarthy, VP, Cloud and Edge Infrastructure Services with IDC. “In addition to hardening edge resources from attacks, it is important to enforce encryption of data both in transit and at rest,” he says. “Edge requires a greater emphasis in certificate-based identity management for both users and the endpoints themselves.”

SASE combines network and security services

Zero Trust is one of the pillars on which SASE is built. According to CSO, SASE encompasses software-defined and cloud-delivered solutions that combine network-as-a-service with network-security-as-a-service functionality. And the idea is growing right along with edge adoption: Gartner expects that by 2025, over 60% of enterprises will have explicit strategies and timelines for SASE adoption encompassing user, branch, and edge access.

SASE is likewise a natural for edge locations because it relieves companies from having to install security infrastructure and software at edge locations, most of which have no IT personnel on site. Instead, the locations can take advantage of cloud-based security solutions from a service provider.

Lumen’s SASE offering, for example, includes numerous security options, from Web application firewalls (WAF) and bot management to an API protection service. Lumen also has one of the largest distributed denial of service (DDoS) deployments in the world and enables customers to manage all security solutions from a single platform.  With one of the largest DDoS mitigation deployments in the industry, Lumen owns DDoS mitigation at scale. Lumen DDoS Mitigation Service delivers on-demand and always-on mitigation options with advanced features like intelligent scrubbing to help reduce latency and improve performance and one flat monthly service rate regardless of size, length or frequency of attacks.

“We are all focused on SASE,” says Lumen’s Smith, “which is bringing together numbers of different use cases, whether it’s software-based networking or SD-WAN or different security capabilities. And we are bringing them together into a single commercial offer, into a single operating model, and on the cloud edge in a better experience.”

Along with network and security solutions, Lumen also offers all the compute and storage resources you need for successful, low-latency edge implementations. To learn more, visit: www.lumen.com/edge.